FUSE ESB 4.3.0: JAAS exception with broker
concombremasqué Aug 27, 2010 11:29 AMHi,
I am trying to use JAAS for broker authentication. My 'activemq-broker.xml' looks like that:
And 'my.users.properties' contains:
user=password,users
Now if I start ServiceMix everything goes well (my JAAS realm is created). But when I try to access a queue (using HermesJMS) I always end up with following JAAS exception:
java.lang.SecurityException: User user is not authorized to create: topic://ActiveMQ.Advisory.Connection
at org.apache.activemq.security.AuthorizationBroker.addDestination(AuthorizationBroker.java:76)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.MutableBrokerFilter.addDestination(MutableBrokerFilter.java:151)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.region.RegionBroker.send(RegionBroker.java:474)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.BrokerFilter.send(BrokerFilter.java:129)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.scheduler.SchedulerBroker.send(SchedulerBroker.java:136)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:480)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:411)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.advisory.AdvisoryBroker.fireAdvisory(AdvisoryBroker.java:406)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.advisory.AdvisoryBroker.addConnection(AdvisoryBroker.java:85)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.security.JaasAuthenticationBroker.addConnection(JaasAuthenticationBroker.java:90)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.BrokerFilter.addConnection(BrokerFilter.java:85)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.MutableBrokerFilter.addConnection(MutableBrokerFilter.java:91)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.TransportConnection.processAddConnection(TransportConnection.java:694)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.jmx.ManagedTransportConnection.processAddConnection(ManagedTransportConnection.java:83)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.command.ConnectionInfo.visit(ConnectionInfo.java:137)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.TransportConnection.service(TransportConnection.java:309)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.broker.TransportConnection$1.onCommand(TransportConnection.java:185)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.TransportFilter.onCommand(TransportFilter.java:69)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.WireFormatNegotiator.onCommand(WireFormatNegotiator.java:113)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.InactivityMonitor.onCommand(InactivityMonitor.java:217)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.TransportSupport.doConsume(TransportSupport.java:83)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.tcp.TcpTransport.doRun(TcpTransport.java:219)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at org.apache.activemq.transport.tcp.TcpTransport.run(TcpTransport.java:201)[43:org.apache.activemq.activemq-core:5.4.0.fuse-00-00]
at java.lang.Thread.run(Thread.java:619)[:1.6.0_18]
I do not understand: it appears HermesJMS is successfully logged on ActiveMQ (using user called 'user' with password 'password') but ActiveMQ denies creation of Advisory topic in spite of my authorizationEntry in activemq-broker.xml.
Any idea?